AutoFocus API STIX Support
Table of Contents
Expand all | Collapse all
-
- New Features October 2020
- New Features September 2020
- New Features: August 2020
- New Features: April 2020
- New Features: November 2019
- New Features: May 2019
- New Features: March 2019
- New Features: February 2019
- New Features: November 2018
- New Features: October 2018
- New Features: September 2018
- New Features: August 2018
- New Features: July 2018
- New Features: June 2018
AutoFocus API STIX Support
The AutoFocus™ API now supports STIX (Structured Threat
Indicator eXpression) responses. STIX is an easily consumable and
standardized data model for cyber threat information expressed through
structured XML.
STIX support is currently available through the following API
resources:
- /stix/samples/search/—Search samples
- /stix/samples/results/{af_cookie}—View the current search results of the given ID (af_cookie). This resource returns the latest results of/stix/samples/search/.
- /stix/sessions/search/—Search sessions during which samples match search conditions.
- /stix/sessions/results/{af_cookie}—View the current search results of the given ID (af_cookie). This resource returns the latest results of/stix/samples/search/.
- /stix/sample/{sample_id}/analysis/—View file analysis data related to a specified sample. The results of this search correspond to theFile Analysistab shown when you click a sample hash on the search editor.
- /stix/tags/—View a list of all tags.
- /stix/tag/{public_tag_name}—View tag details for the given public tag name.
Refer to the AutoFocus API Reference for
more information on viewing STIX responses through the AutoFocus
API.